Lines Matching full:s0
186 hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value,
300 hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value,
312 form of \fB\s-1ENGINE\s0\fR objects. These objects act as containers for
317 The cryptographic functionality that can be provided by an \fB\s-1ENGINE\s0\fR
330 Due to the modular nature of the \s-1ENGINE API,\s0 pointers to ENGINEs need to be
332 the underlying \s-1ENGINE\s0 object. Ie. one should obtain a new reference when
333 making copies of an \s-1ENGINE\s0 pointer if the copies will be used (and
336 \&\s-1ENGINE\s0 objects have two levels of reference-counting to match the way in
337 which the objects are used. At the most basic level, each \s-1ENGINE\s0 pointer is
342 However, a structural reference provides no guarantee that the \s-1ENGINE\s0 is
346 support specialised hardware. To use an \s-1ENGINE\s0's functionality, you need a
352 \&\s-1ENGINE,\s0 you have a guarantee that the \s-1ENGINE\s0 has been initialised and
360 ENGINEs, reading information about an \s-1ENGINE,\s0 etc. Essentially a structural
362 an \s-1ENGINE\s0 implementation rather than use its functionality.
365 \&\s-1ENGINE\s0 object. There are other \s-1ENGINE API\s0 functions that return structural
369 \&\s-1ENGINE\s0 object itself will only actually be cleaned up and deallocated when
372 It should also be noted that many \s-1ENGINE API\s0 function calls that accept a
374 this happens whenever the supplied \s-1ENGINE\s0 will be needed by OpenSSL after
375 the function has returned. Eg. the function to add a new \s-1ENGINE\s0 to
383 \&\s-1ENGINE\s0 list \- they will return a new structural reference to the next (or
384 previous) \s-1ENGINE\s0 in the list or \s-1NULL\s0 if at the end (or beginning) of the
395 functionality of an \s-1ENGINE\s0 is required to be available. A functional
397 reference to the required \s-1ENGINE,\s0 or by asking OpenSSL for the default
398 operational \s-1ENGINE\s0 for a given cryptographic purpose.
401 call the \fBENGINE_init()\fR function. This returns zero if the \s-1ENGINE\s0 was not
404 return nonzero to indicate that the \s-1ENGINE\s0 is now operational and will
405 have allocated a new \fBfunctional\fR reference to the \s-1ENGINE.\s0 All functional
414 algorithm-specific types in OpenSSL, such as \s-1RSA, DSA, EVP_CIPHER_CTX,\s0 etc.
417 For each supported abstraction, the \s-1ENGINE\s0 code maintains an internal table
421 abstractions like \s-1EVP_CIPHER\s0 and \s-1EVP_DIGEST\s0 support many distinct
423 In the case of other abstractions like \s-1RSA, DSA,\s0 etc, there is only one
427 When a default \s-1ENGINE\s0 is requested for a given abstraction/algorithm/mode, (e.g.
428 when calling RSA_new_method(\s-1NULL\s0)), a \*(L"get_default\*(R" call will be made to the
429 \&\s-1ENGINE\s0 subsystem to process the corresponding state table and return a
430 functional reference to an initialised \s-1ENGINE\s0 whose implementation should be
431 used. If no \s-1ENGINE\s0 should (or can) be used, it will return \s-1NULL\s0 and the caller
432 will operate with a \s-1NULL ENGINE\s0 handle \- this usually equates to using the
434 then on behave the way it used to before the \s-1ENGINE API\s0 existed.
440 operational. If it returns a functional reference to an \s-1ENGINE,\s0 it will
442 needing to iterate across the table). Likewise, it will cache a \s-1NULL\s0
443 response if no \s-1ENGINE\s0 was available so that future queries won't repeat the
445 changed; if the \s-1ENGINE_TABLE_FLAG_NOINIT\s0 flag is set (using
447 instead the only way for the state table to return a non-NULL \s-1ENGINE\s0 to the
451 query. In the case of abstractions like \s-1EVP_CIPHER,\s0 where implementations are
457 support to make the most useful elements of the \s-1ENGINE\s0 functionality
459 programmer wishes to make alternative \s-1ENGINE\s0 modules available to the
462 empty and in fact if an application does not call any \s-1ENGINE API\s0 calls and
464 binary will not contain any alternative \s-1ENGINE\s0 code at all. So the first
465 consideration is whether any/all available \s-1ENGINE\s0 implementations should be
473 will want to allow the user to specify exactly which \s-1ENGINE\s0 they want used
475 OpenSSL automatically use at run-time any \s-1ENGINE\s0 that is able to
483 If no \s-1ENGINE API\s0 functions are called within an application, then OpenSSL
488 \&\fIUsing a specific \s-1ENGINE\s0 implementation\fR
491 to want to use the \*(L"\s-1ACME\*(R" ENGINE\s0 if it is available in the version of
493 used by default for all \s-1RSA, DSA,\s0 and symmetric cipher operations, otherwise
524 \&\fIAutomatically using built-in \s-1ENGINE\s0 implementations\fR
526 Here we'll assume we want to load and register all \s-1ENGINE\s0 implementations
528 OpenSSL \- if there is an \s-1ENGINE\s0 that implements it and can be initialised,
539 \&\s-1RSA\s0 key, any bundled ENGINEs that implement \s-1RSA_METHOD\s0 will be passed to
540 \&\fBENGINE_init()\fR and if any of those succeed, that \s-1ENGINE\s0 will be set as the
541 default for \s-1RSA\s0 use from then on.
544 There is a mechanism supported by the \s-1ENGINE\s0 framework that allows each
545 \&\s-1ENGINE\s0 implementation to define an arbitrary set of configuration
548 and assumes \s-1ASCII\s0 input (no unicode or \s-1UTF\s0 for now!), so it is ideal if
551 possible for the application to dynamically interrogate the loaded \s-1ENGINE\s0
554 scheme. However, if the user is expected to know which \s-1ENGINE\s0 device he/she
568 passed to an \s-1ENGINE\s0 \fBbefore\fR attempting to initialise it, i.e. before
572 in some cases both. \s-1ENGINE\s0 implementations should provide indications of
576 \&\fIIssuing control commands to an \s-1ENGINE\s0\fR
579 name of the \s-1ENGINE\s0 it wishes to use, a table of string-pairs for use before
582 followed by the command \*(L"parameter\*(R" \- the parameter could be \s-1NULL\s0 in some
583 cases but the name can not. This function should initialise the \s-1ENGINE\s0
585 and set it as the default for everything except \s-1RAND\s0 and then return a
631 failure if the \s-1ENGINE\s0 supported the given command name but failed while
632 executing it, if the \s-1ENGINE\s0 doesn't support the command name it will simply
634 only supplying commands specific to the given \s-1ENGINE\s0 so we set this to
635 \&\s-1FALSE.\s0
640 and input parameters of the control commands supported by an \s-1ENGINE\s0 using a
643 \&\s-1ENGINE,\s0 i.e. the \s-1ENGINE\s0's \fBctrl()\fR handler is not used for the control command.
644 \&\fI<openssl/engine.h>\fR defines an index, \s-1ENGINE_CMD_BASE,\s0 that all control
650 commands implemented by a given \s-1ENGINE,\s0 specifically the commands:
665 they use various properties exposed by each \s-1ENGINE\s0 to process these
666 queries. An \s-1ENGINE\s0 has 3 properties it exposes that can affect how this behaves;
667 it can supply a \fBctrl()\fR handler, it can specify \s-1ENGINE_FLAGS_MANUAL_CMD_CTRL\s0 in
668 the \s-1ENGINE\s0's flags, and it can expose an array of control command descriptions.
669 If an \s-1ENGINE\s0 specifies the \s-1ENGINE_FLAGS_MANUAL_CMD_CTRL\s0 flag, then it will
670 simply pass all these \*(L"core\*(R" control commands directly to the \s-1ENGINE\s0's \fBctrl()\fR
671 handler (and thus, it must have supplied one), so it is up to the \s-1ENGINE\s0 to
687 If the \s-1ENGINE\s0's array of control commands is empty then all other commands will
688 fail, otherwise; \s-1ENGINE_CTRL_GET_FIRST_CMD_TYPE\s0 returns the identifier of
689 the first command supported by the \s-1ENGINE, ENGINE_GET_NEXT_CMD_TYPE\s0 takes the
690 identifier of a command supported by the \s-1ENGINE\s0 and returns the next command
691 identifier or fails if there are no more, \s-1ENGINE_CMD_FROM_NAME\s0 takes a string
695 \&\s-1ENGINE_CTRL_GET_FLAGS\s0 return the string length of a command name or description,
697 description. \s-1ENGINE_CTRL_GET_FLAGS\s0 returns a bitwise-OR'd mask of the following
707 If the \s-1ENGINE_CMD_FLAG_INTERNAL\s0 flag is set, then any other flags are purely
709 for any higher-level \s-1ENGINE\s0 functions such as \fBENGINE_ctrl_cmd_string()\fR.
710 \&\*(L"\s-1INTERNAL\*(R"\s0 commands are not intended to be exposed to text-based configuration
714 discovery mechanisms simply to allow applications to determine if an \s-1ENGINE\s0
716 might query various ENGINEs to see if they implement \*(L"\s-1FOO_GET_VENDOR_LOGO_GIF\*(R"\s0 \-
717 and \s-1ENGINE\s0 could therefore decide whether or not to support this \*(L"foo\*(R"\-specific
721 .IP "\fB\s-1OPENSSL_ENGINES\s0\fR" 4
728 return a valid \fB\s-1ENGINE\s0\fR structure or \s-1NULL\s0 if an error occurred.
732 \&\fBENGINE_by_id()\fR returns a valid \fB\s-1ENGINE\s0\fR structure or \s-1NULL\s0 if an error occ…
737 …NGINE_get_digest_engine()\fR return a valid \fB\s-1ENGINE\s0\fR structure on success or \s-1NULL\s0
746 \&\fB\s-1ENGINE\s0\fR implementations.
758 \&\fBENGINE_new()\fR returns a valid \fB\s-1ENGINE\s0\fR structure on success or \s-1NULL\s0 if an …
770 and the name of the \s-1ENGINE\s0 \fBe\fR respectively.
781 …BENGINE_get_cipher()\fR returns a valid \fB\s-1EVP_CIPHER\s0\fR structure on success or \s-1NULL\s0
784 \&\fBENGINE_get_digest()\fR returns a valid \fB\s-1EVP_MD\s0\fR structure on success or \s-1NULL\s0…
787 \&\fBENGINE_get_flags()\fR returns an integer representing the \s-1ENGINE\s0 flags which are
788 used to control various behaviours of an \s-1ENGINE.\s0
790 \&\fBENGINE_get_cmd_defns()\fR returns an \fB\s-1ENGINE_CMD_DEFN\s0\fR structure or \s-1NULL\s0 if …
793 …NGINE_load_private_key()\fR and \fBENGINE_load_public_key()\fR return a valid \fB\s-1EVP_PKEY\s0\fR
794 structure on success or \s-1NULL\s0 if an error occurred.
812 in the file \s-1LICENSE\s0 in the source distribution or at